Dwg_trueview - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Dwg_trueview
(Autodesk)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	22

Date	Id	Summary	Products	Score	Patch	Annotated
2022-04-13	CVE-2022-27524	An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.	Dwg_trueview	7.1
2022-10-07	CVE-2021-40162	A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis	7.8
2022-10-07	CVE-2021-40163	A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis	7.8
2022-10-07	CVE-2021-40164	A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis	7.8
2022-10-07	CVE-2021-40166	A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis	7.8
2022-10-07	CVE-2021-40165	A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis	7.8
2022-12-19	CVE-2022-42945	DWG TrueViewTM 2023 version has a DLL Search Order Hijacking vulnerability. Successful exploitation by a malicious attacker could result in remote code execution on the target system.	Dwg_trueview	7.8
2024-10-29	CVE-2024-7992	A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview	7.8
2024-10-29	CVE-2024-8896	A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview	7.8
2024-10-29	CVE-2024-9489	A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.	Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Dwg_trueview	7.8